Skip to content

Commit 46516c3

Browse files
bscott-rhbscott-rh
authored
Merge pull request #70153 from GroceryBoyJr/known-issue-co
OCPBUGS-7355: Some rules will FAIL after auto remediation applied
2 parents 138acf7 + c27406e commit 46516c3

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

security/compliance_operator/compliance-operator-release-notes.adoc

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,8 @@ The following advisory is available for the OpenShift Compliance Operator 1.4.0:
3838
[id="compliance-operator-1-4-0-bug-fixes"]
3939
=== Bug fixes
4040

41+
* Previously, on a cluster with Windows nodes, some rules will FAIL after auto remediation is applied because the Windows nodes were not skipped by the compliance scan. With this release, Windows nodes are correctly skipped when scanning. (link:https://issues.redhat.com/browse/OCPBUGS-7355[*OCPBUGS-7355*])
42+
4143
* With this update, `rprivate` default mount propagation is now handled correctly for root volume mounts of pods that rely on multipathing. (link:https://issues.redhat.com/browse/OCPBUGS-17494[*OCPBUGS-17494*])
4244

4345
* Previously, the Compliance Operator would generate a remediation for `coreos_vsyscall_kernel_argument` without reconciling the rule even while applying the remediation. With release 1.4.0, the `coreos_vsyscall_kernel_argument` rule properly evaluates kernel arguments and generates an appropriate remediation.(link:https://issues.redhat.com/browse/OCPBUGS-8041[*OCPBUGS-8041*])
@@ -72,6 +74,11 @@ This update addresses a CVE in an underlying dependency.
7274
To enable FIPS mode for your cluster, you must run the installation program from a {op-system-base} computer configured to operate in FIPS mode. For more information about configuring FIPS mode on RHEL, see link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening[Installing the system in FIPS mode].
7375
====
7476

77+
[id="compliance-operator-1-3-1-known-issue"]
78+
=== Known issue
79+
80+
* On a cluster with Windows nodes, some rules will FAIL after auto remediation is applied because the Windows nodes are not skipped by the compliance scan. This differs from the expected results because the Windows nodes must be skipped when scanning. (link:https://issues.redhat.com/browse/OCPBUGS-7355[*OCPBUGS-7355*])
81+
7582
[id="compliance-operator-release-notes-1-3-0"]
7683
== OpenShift Compliance Operator 1.3.0
7784

0 commit comments

Comments
 (0)